Securing the Connected Car
Journal article, 2018

A new era is upon us — an era where Internet connectivity is available everywhere and at all times. Cars have become very complex computer systems with about 100 million lines of code and more than 100 electronic control units (ECUs) interconnected to control everything, including steering, acceleration, brakes, and other safety-critical systems. However, cars were never created with Internet connectivity in mind, and adding this connectivity as an afterthought raises many security concerns. As a result, a security-enhancing approach that considers the entire process from product development to market introduction is required.

This article suggests using a methodology known as start, predict, mitigate, and test (SPMT). Its purpose is to predict and mitigate vulnerabilities in vehicles using a systematic approach for security analysis specifically adapted for vehicles. The SPMT methodology builds on existing methodologies and models that are applicable to different phases in a vehicle’s life cycle as well as on new ideas. Unlike other methods, however, the SPMT methodology covers a vehicle’s entire life cycle, which results in security and safety enhancements, something that cannot be achieved by existing methodologies.

attack mitigation

risk assessment

security

framework

security testing

connected vehicle

Author

Kim Strandberg

Volvo Cars

Tomas Olovsson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

Erland Jonsson

Chalmers, Computer Science and Engineering (Chalmers), Networks and Systems (Chalmers)

IEEE Vehicular Technology Magazine

1556-6072 (ISSN)

Vol. 13 1 56-65

Areas of Advance

Information and Communication Technology

Transport

Subject Categories

Telecommunications

Communication Systems

Computer Systems

DOI

10.1109/MVT.2017.2758179

More information

Latest update

6/14/2018